<div dir="ltr">Hi,<div><br></div><div>On further investigation came to know that, crash is happening because openssl initialisation with aes-ni is failing.</div><div><br></div><div>Found the same from the link [1][2]</div><div><br></div><div>After changing the openssl code, now I am not seeing the crash.</div><div><br></div><div>Now my question, is it really required to use aes-ni during tunnel establishment time. Becasue the messages exchanged during tunnel establishment are not many, we will not see any performance impact if you use aes-ni.</div><div><br></div><div>Is there any way to avoid charon from using aes-ni through openssl?</div><div><br></div><div>-Bhargav</div><div><br></div><div>[1] <a href="https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/590639">https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/590639</a></div><div>[2] <a href="http://rt.openssl.org/Ticket/Display.html?id=2305&user=guest&pass=guest">http://rt.openssl.org/Ticket/Display.html?id=2305&user=guest&pass=guest</a></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Oct 20, 2014 at 6:05 PM, bhargav p <span dir="ltr"><<a href="mailto:bhargav.1226@gmail.com" target="_blank">bhargav.1226@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><span class=""><span style="font-family:arial,sans-serif;font-size:13px">> I am observering charon generated core files when I configured aes as an encryption alogorithm.<br>><br>> aes-ni is enabled on my device.<br></span><span style="font-family:arial,sans-serif;font-size:13px">I seriously doubt that this is a aes-ni-related problem, try running</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">charon with the environment-variable OPENSSL_ia32cap set, such that</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">bit #57 is cleared [1] (should be the value ~0x200000000000000).</span><br><div><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div></span><div><span style="font-family:arial,sans-serif;font-size:13px">[Bhargav] I am not sure, this is aes-ni related problem or not. I have two machines one with aes-ni and without aes-ni and same strongswan version [4.3.6 ] and same openssl. And only the difference is aes flag is enabled /proc/cpuinfo of one machine and in one machine it is not enabled.</span></div><div><span style="font-family:arial,sans-serif;font-size:13px">I m seeing this crash where aes is enabled.</span><br></div><div><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div><span style="font-family:arial,sans-serif;font-size:13px">I will try running whatever suggested.</span></div><span class=""><div><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div><span style="font-family:arial,sans-serif;font-size:13px">><br>> strongswan version I am using is 4.3.6 and openssl version openssl-1.0.0.<br>><br>> I ran gdb on the core file, it is pointing to the below point<br>><br>><br>> #4 0x00007fabd3eee1b7 in EVP_CIPHER_CTX_set_key_length (c=0x7fabcc99e8b0, keylen=16) at evp_enc.c:520<br></span><span style="font-family:arial,sans-serif;font-size:13px">> 520evp_enc.c: No such file or directory.</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">> in evp_enc.c<br>> (gdb) p *c<br>> $1 = {cipher = 0x0, engine = 0x0, encrypt = 1, buf_len = 0, oiv = '\000' <repeats 15 times>, iv = '\000' <repeats 15 times>, buf = '\000' <repeats 31 times>, num = 0,<br>> app_data = 0x0,<br>> key_len = 0, flags = 256, cipher_data = 0x0, final_used = 0, block_mask = 0, final = '\000' <repeats 31 times>}<br></span><span style="font-family:arial,sans-serif;font-size:13px">A little more context (as in backtrace: '(gdb) help bt') would</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">certainly help! But I'm guessing it leads somewhere to [2], which</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">as you can see, calls EVP_CIPHER_CTX_set_key_length, regardless</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">of EVP_CipherInit_ex's return code. Martin fixed this in [3] which</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">is first available with strongswan 5.0.2, so maybe you check this</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">version out.</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">However: my guess is, that openssl has problems dealing with the</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">cipher, use gdb to print *this->cipher from openssl_crypt.c to shed</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">some more light on this.</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">Btw: which openssl-1.0.0 version are you using: [d-n] are available)?</span><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div></span><div><span style="font-family:arial,sans-serif;font-size:13px">[Bhargav] And more backtrace:</span></div><div><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div><div><font face="arial, sans-serif">#4 0x00007fab0ecf61b7 in EVP_CIPHER_CTX_set_key_length (c=0x7fab05xxxxxx0, keylen=16) at evp_enc.c:520</font></div><div><font face="arial, sans-serif">No locals.</font></div><div><font face="arial, sans-serif">#5 0x00007fab0f24a4ab in crypt (this=0x2626640, data=..., iv=..., dst=<value optimized out>, enc=1)</font></div><div><font face="arial, sans-serif"> at /strongswan/src/libstrongswan/plugins/openssl/openssl_crypter.c:137</font></div><div><font face="arial, sans-serif"> len = <value optimized out></font></div><div><font face="arial, sans-serif"> out = 0x2626a70 "\210\360{\017\253\177"</font></div><div><font face="arial, sans-serif"> ctx = {cipher = 0x0, engine = 0x0, encrypt = 1, buf_len = 0, oiv = '\000' <repeats 15 times>, iv = '\000' <repeats 15 times>, buf = '\000' <repeats 31 times>, num = 0, app_data = 0x0, </font></div><span class=""><div><font face="arial, sans-serif"> key_len = 0, flags = 256, cipher_data = 0x0, final_used = 0, block_mask = 0, final = '\000' <repeats 31 times>}</font></div></span><div><font face="arial, sans-serif">#6 0x00007fab0f24a5e4 in encrypt (this=0x7fab05fa38b0, data=..., iv=..., dst=0x40b2)</font></div><div><font face="arial, sans-serif"> at /strongswan/src/libstrongswan/plugins/openssl/openssl_crypter.c:160</font></div><div><font face="arial, sans-serif">No locals.</font></div><div><font face="arial, sans-serif">#7 0x000000000043dfec in encrypt (this=0x2626740)</font></div><div><font face="arial, sans-serif"> at /strongswan/src/charon/encoding/payloads/encryption_payload.c:366</font></div><div><font face="arial, sans-serif"> iv = {ptr = 0x2626620 "\272\262]*\212\306=\313W\347r\031\234D<\034", len = 16}</font></div><div><font face="arial, sans-serif"> padding = {ptr = 0x2625310 "A\255Z`\037JbK\f\272\226", len = 11}</font></div><div><font face="arial, sans-serif"> to_crypt = {ptr = 0x26268d0 "'", len = 192}</font></div><div><font face="arial, sans-serif"> result = {ptr = 0x2626a70 "\210\360{\017\253\177", len = 192}</font></div><div><font face="arial, sans-serif"> rng = <value optimized out></font></div><div><font face="arial, sans-serif"> block_size = 16</font></div></div><div><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div><span style="font-family:arial,sans-serif;font-size:13px">In frame 7 we can see this pointer having something:</span></div><div><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div><div><font face="arial, sans-serif">(gdb) f 7</font></div><div><font face="arial, sans-serif">#7 0x000000000043dfec in encrypt (this=0x2626740)</font></div><div><font face="arial, sans-serif"> at /security/strongswan/src/charon/encoding/payloads/encryption_payload.c:366</font></div><div><font face="arial, sans-serif">366<span style="white-space:pre-wrap"> </span>this->crypter->encrypt(this->crypter, to_crypt, iv, &result);</font></div></div><div><font face="arial, sans-serif"><br></font></div><div><font face="arial, sans-serif"><div>(gdb) p this->crypter</div><div>$20 = (crypter_t *) 0x2626640</div><div>(gdb) x/10b 0x2626640</div><div>0x2626640:<span style="white-space:pre-wrap"> </span>-80<span style="white-space:pre-wrap"> </span>-91<span style="white-space:pre-wrap"> </span>36<span style="white-space:pre-wrap"> </span>15<span style="white-space:pre-wrap"> </span>-85<span style="white-space:pre-wrap"> </span>127<span style="white-space:pre-wrap"> </span>0<span style="white-space:pre-wrap"> </span>0</div><div>0x2626648:<span style="white-space:pre-wrap"> </span>80<span style="white-space:pre-wrap"> </span>-91</div><div><br></div><div>But in frame 6 we can see this beoming NULL, </div><div><br></div><div>(gdb) f 6<br></div><div> 0x00007fab0f24a5e4 in encrypt (this=0x7fab05fa38b0, data=..., iv=..., dst=0x40b2)<br></div><div><div>(gdb) p *this</div><div>$21 = {public = {crypter_interface = {encrypt = 0, decrypt = 0, get_block_size = 0x1, get_key_size = 0, set_key = 0, destroy = 0}}, key = {ptr = 0x0, len = 0}, cipher = 0x0}</div></div><div><br></div><div>Here cipher is NULL. Here is my suspicion.</div><div><br></div><div>Yes, looks like it is pointing to Martin's fix. But is there something wrong with openssl when it is initialising with aes-ni driver?</div><div><br></div><div>This crash is happening when encrypting the IKE_AAUTH payload.</div><span class=""><font color="#888888"><div><br></div></font></span></font></div><span class=""><font color="#888888"><div>-Bhargav</div></font></span><div><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Oct 17, 2014 at 1:19 AM, Thomas Egerer <span dir="ltr"><<a href="mailto:hakke_007@gmx.de" target="_blank">hakke_007@gmx.de</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">Hi Bhargav,<br>
<span><br>
On 10/16/2014 08:11 PM, bhargav p wrote:<br>
> Hi,<br>
><br>
> Can someone please reply to the query?<br>
><br>
</span><span>> On Mon, Oct 13, 2014 at 12:13 PM, bhargav p <<a href="mailto:bhargav.1226@gmail.com" target="_blank">bhargav.1226@gmail.com</a> <mailto:<a href="mailto:bhargav.1226@gmail.com" target="_blank">bhargav.1226@gmail.com</a>>> wrote:<br>
><br>
><br>
> Hi,<br>
><br>
> I am observering charon generated core files when I configured aes as an encryption alogorithm.<br>
><br>
> aes-ni is enabled on my device.<br>
</span>I seriously doubt that this is a aes-ni-related problem, try running<br>
charon with the environment-variable OPENSSL_ia32cap set, such that<br>
bit #57 is cleared [1] (should be the value ~0x200000000000000).<br>
<span>><br>
> strongswan version I am using is 4.3.6 and openssl version openssl-1.0.0.<br>
><br>
> I ran gdb on the core file, it is pointing to the below point<br>
><br>
><br>
> #4 0x00007fabd3eee1b7 in EVP_CIPHER_CTX_set_key_length (c=0x7fabcc99e8b0, keylen=16) at evp_enc.c:520<br>
</span>> 520evp_enc.c: No such file or directory.<br>
<span>> in evp_enc.c<br>
> (gdb) p *c<br>
> $1 = {cipher = 0x0, engine = 0x0, encrypt = 1, buf_len = 0, oiv = '\000' <repeats 15 times>, iv = '\000' <repeats 15 times>, buf = '\000' <repeats 31 times>, num = 0,<br>
> app_data = 0x0,<br>
> key_len = 0, flags = 256, cipher_data = 0x0, final_used = 0, block_mask = 0, final = '\000' <repeats 31 times>}<br>
</span>A little more context (as in backtrace: '(gdb) help bt') would<br>
certainly help! But I'm guessing it leads somewhere to [2], which<br>
as you can see, calls EVP_CIPHER_CTX_set_key_length, regardless<br>
of EVP_CipherInit_ex's return code. Martin fixed this in [3] which<br>
is first available with strongswan 5.0.2, so maybe you check this<br>
version out.<br>
However: my guess is, that openssl has problems dealing with the<br>
cipher, use gdb to print *this->cipher from openssl_crypt.c to shed<br>
some more light on this.<br>
Btw: which openssl-1.0.0 version are you using: [d-n] are available)?<br>
<br>
> cipher is becoming NULL.<br>
Judging from the code, this is impossible, if EVP_CipherInit_ex has<br>
been called :/<br>
<br>
<br>
Cheers, let's have a drink now!<br>
Thomas<br>
<br>
[1] <a href="https://www.openssl.org/docs/crypto/OPENSSL_ia32cap.html" target="_blank">https://www.openssl.org/docs/crypto/OPENSSL_ia32cap.html</a><br>
[2]<br>
<a href="https://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libstrongswan/plugins/openssl/openssl_crypter.c;h=a8923ab56b3f4a3801b905c0a55c7e32d2f509cf;hb=7daf5226b74e14a6e0f1a888b0be26f3d246f9f8#l137" target="_blank">https://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libstrongswan/plugins/openssl/openssl_crypter.c;h=a8923ab56b3f4a3801b905c0a55c7e32d2f509cf;hb=7daf5226b74e14a6e0f1a888b0be26f3d246f9f8#l137</a><br>
[1] <a href="https://git.strongswan.org/?p=strongswan.git;a=commit;h=e35abbe5" target="_blank">https://git.strongswan.org/?p=strongswan.git;a=commit;h=e35abbe5</a><br>
_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.strongswan.org" target="_blank">Users@lists.strongswan.org</a><br>
<a href="https://lists.strongswan.org/mailman/listinfo/users" target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a><br>
</blockquote></div><br><br clear="all"><div><br></div>
</div></div></div></div>
</blockquote></div><br><br clear="all"><div><br></div><br><div class="gmail_signature"><div><font color="#282828" face="Calibri"><span style="color:rgb(40,40,40);font-size:11pt"></span></font></div></div>
</div></div>